Hi, I just finished setting up an L2TP/IPSec VPN on my ReadyNAS 102. Everything is working, I can connect fine from outside of my LAN (I'm at work right now connected), and I can ping literally every host on my LAN except the ReadyNAS. I'm able to browse to my router's landing page at 192.168.1.1, admin my Apple Time Capsule at 192.168.1.2 using the native AirPort Utility, but I simply can't talk to the NAS. What gives? It's the only host on the network I can't speak to, but it's definitely online.

I tried configure make all 2 versions (4 w and w/o SuperNAT)
1) Local Bridge with Network adapter.
All 3 ports (500,4500,1701) are on the router open and NAT is targeting ReadyNAS physical NIC IP
Can connect to L2TP, everything works except any access to ReadyNAS via VPN. It's IP is not reachable on any port/service.

2) Local Bridge with TAP
All 3 ports (500,4500,1701) are on the router open and NAT is targeting ReadyNAS physical NIC IP
Can connect to L2TP, everything works except any access to ReadyNAS via VPN. It's IP is not reachable on any port/service.

Unfortunately I can't find details about this TAP conenctivity.
On router TAP seems it doesn't lease any DHCP IP from router DHCP
In SoftEther I see no way how to assign Static IP via GUI
I assigned TAP IP via ReadyNAS SSH another address from home subnet, but it was not pinging on this IP anyway.

Is there a way to configure TAP device IP within SoftEther?
In order to get ReadyNAS accessible via L2TP VPN, do I need to NAT (500,4500,1701) to ReadyNAT Physical IP or TAP IP?

2) Also create another Local Bridge with a new "Tap device" to the SAME Virtual HUB (give it a name).

3)Reboot NAS.

4) SSH/terminal into the NAS and use the "ifconfig" command to verify your new Tap device is there. It will display near the bottom as "tap_name you gave it" and may or may not have an IPv4 address. Either way you need to set it with a static IP address.

5) In raspbian this can be done by editing the "/etc/dhcpd.conf" file. In other distros of linux I believe they use the "/etc/network/interfaces" file.

6) While editing the Static IP. An additional required command (in my case) needed to make this work is the "metric" command "metric 100" (NOT metric=100) placed under the Tap_ device area.(which value/number you use is irrelevant as long as you do not add a metric to the physical NIC "eth0")

7) Your physical NIC "eth0" should already have static IP I would think seeing its a NAS. Leave it as is. If you ever accidentally deleted the tap_ device you still have access to the NAS via the physical NIC "eth0".

8) Reboot your NAS.

9) On the router open/forward the L2TP/IPsec ports to either the "Tap_" or the "eth0", I found they both will work. I choose the original "eth0" ip address in case I ever accidentally deleted the tap_ device the vpn would still work.

10) If all went well your local network & also the VPN clients should now be able to access the NAS at the "TAP_" IP and the "eth0" IP.

Note: I found this can also be accomplished with or without setting a "metric" on the tap_vpn and setting "eth0" IP address to 0.0.0.0. as mentioned in the SE documentation when using 2 physical NICs . However the danger in this option is that if the "Tap_vpn" is ever deleted and with the "eth0" set to a static "nothing IP" address it would possibly leave the NAS inaccessible. With a RaspberryPi a keyboard/mouse and monitor can be used to fix the issue. With a NAS I believe IP address access is required which might force one to have to do a factory reset on the NAS.